| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <09e17c7f-ce51-1a46-72c4-12223bee4e3a@linux.intel.com>
Date: Wed, 2 Jun 2021 18:48:11 -0700
From: Andi Kleen <ak@...ux.intel.com>
To: Jason Wang <jasowang@...hat.com>, mst@...hat.com
Cc: virtualization@...ts.linux-foundation.org, hch@....de,
m.szyprowski@...sung.com, robin.murphy@....com,
iommu@...ts.linux-foundation.org, x86@...nel.org,
sathyanarayanan.kuppuswamy@...ux.intel.com, jpoimboe@...hat.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 1/8] virtio: Force only split mode with protected guest
> So we will see huge performance regression without indirect
> descriptor. We need to consider to address this.
A regression would be when some existing case would be slower.
That's not the case because the behavior for the existing cases does not
change.
Anyways when there are performance problems they can be addressed, but
first is to make it secure.
-Andi
>
> Thanks
>
>
>> break;
>> case VIRTIO_RING_F_EVENT_IDX:
>> break;
>> @@ -2231,9 +2240,12 @@ void vring_transport_features(struct
>> virtio_device *vdev)
>> case VIRTIO_F_ACCESS_PLATFORM:
>> break;
>> case VIRTIO_F_RING_PACKED:
>> + if (protected_guest_has(VM_MEM_ENCRYPT))
>> + goto clear;
>> break;
>> case VIRTIO_F_ORDER_PLATFORM:
>> break;
>> + clear:
>> default:
>> /* We don't understand this bit. */
>> __virtio_clear_bit(vdev, i);
>
Powered by blists - more mailing lists